PCI DSS 2015 SIG Proposal: Securing Cryptographic Keys and Digital Certificates
Why is securing keys and certificates an
important PCI DSS special interest group (SIG) now? Cybercriminals are using keys
and certificates to gain trusted status, be authenticated, and evade detection, bypassing other security controls and
keeping their actions cloaked. And keys and certificates that protect payment
card information are a particularly attractive target.
Vote for this SIG for guidance on use cases such as detecting, preventing, and remediating exploits of vulnerabilities such as Heartbleed and APTs designed to circumvent and misuse keys and certificates. If not secured, keys and certificates become a weak point in protecting payments systems and even undermine other critical security controls in place.
With the right guidance, you can simplify and
ensure repeated audit success while continually defending against these
trust-based attacks—and avoid being in the headlines with the next breach.
View the proposal on SlideShare at http://www.slideshare.net/Venafi/pci-scc-2015-sig-proposal-securing-keys-and-certificates.
Watch the on-demand webinar with SecurityMetrics at https://www.infosecurity-magazine.com/webinars/get-ready-for-pci-dss-v3/
Vote for the PCI SIG Cryptographic Keys and Digital Certificate Security Guidelines and get involved! Show your support by signing this petition, but then also make sure to vote between October 13-23 on the PCI SSC website. [https://www.pcisecuritystandards.org/]